Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
File:                     PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft (raw, json)
Hash identifier:          +JLvs25zXmm5jwWEvlROOHVz4D1cvlMLPF4N6XvEmW4=
Subject key identifier:   FD:E0:01:41:29:CA:E0:AD:7F:97:BC:7C:A7:EF:7F:47:28:2F:3C:B7
Authority key identifier: 3C:14:15:42:16:85:AC:E3:68:2F:16:1D:31:0D:92:72:6C:DF:B0:97
Certificate issuer:       /CN=3c1415421685ace3682f161d310d92726cdfb097
Certificate serial:       019D386577B35F641BF79FDE22F7E186752A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:06 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:06 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:06 +0000
Files and hashes:         1: PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl (hash: Oe3hnByATjtMapjhjmjmVGfKopDTyBV2wAuQNjHsTaE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:77:b3:5f:64:1b:f7:9f:de:22:f7:e1:86:75:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c1415421685ace3682f161d310d92726cdfb097
        Validity
            Not Before: Mar 29 07:01:06 2026 GMT
            Not After : Mar 30 07:01:06 2026 GMT
        Subject: CN=fde0014129cae0ad7f97bc7ca7ef7f47282f3cb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:07:80:ca:27:bd:63:82:b7:08:28:f4:2b:34:
                    a4:bd:1f:67:66:76:28:e7:6d:4a:9e:f6:f0:3f:e7:
                    3f:f4:c5:dd:10:79:a9:bc:18:a8:62:2e:d3:05:40:
                    02:0c:a4:53:37:1e:cd:13:5a:1c:6b:7d:3a:6c:e1:
                    a0:a8:bf:82:ab:fb:d7:65:b2:62:eb:e8:44:73:67:
                    ba:e3:b5:04:7d:59:50:db:c2:46:de:3e:2c:93:a8:
                    da:af:bd:ba:a1:fa:e8:50:4d:fc:ff:54:55:a5:6c:
                    96:7e:37:d8:86:93:9e:8f:e6:42:6f:b9:c3:7d:2d:
                    da:20:de:3d:d7:24:30:e7:8c:85:d7:7d:5d:02:66:
                    91:dc:9e:25:2c:7b:95:e0:75:84:70:9c:6d:5f:91:
                    b3:23:d9:89:41:81:ba:13:84:36:17:73:03:a5:b0:
                    72:a0:6a:eb:77:f7:43:08:72:9b:46:d3:93:8d:8a:
                    0e:29:39:50:b3:51:6e:21:7d:4a:7c:a7:da:43:b0:
                    45:32:c3:3c:ef:5f:2a:11:99:6c:8a:03:40:c4:2a:
                    e9:f1:a1:2e:6b:e7:fa:d8:7a:7c:13:33:7f:87:6b:
                    9d:c6:e2:50:41:56:69:93:c6:a2:b0:88:63:77:24:
                    ce:03:a0:07:d3:1e:66:08:80:89:be:49:0d:e3:de:
                    80:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:E0:01:41:29:CA:E0:AD:7F:97:BC:7C:A7:EF:7F:47:28:2F:3C:B7
            X509v3 Authority Key Identifier:
                keyid:3C:14:15:42:16:85:AC:E3:68:2F:16:1D:31:0D:92:72:6C:DF:B0:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:c1:67:81:73:f1:0c:80:b2:d1:cd:31:df:48:f8:f7:72:ff:
         cc:78:61:a5:30:99:5e:61:4d:78:52:87:29:07:22:dd:74:96:
         87:49:d2:19:9c:bb:95:71:f9:75:b2:08:e9:2f:35:07:29:49:
         c9:f6:b6:04:c3:1b:ee:f3:b0:d6:db:de:61:49:1f:11:82:2b:
         e0:ba:0d:94:07:b6:15:91:d5:0e:cb:cf:cb:50:8f:fd:0e:7c:
         96:57:c3:3a:b8:5f:26:5d:47:9e:e5:8e:d2:aa:45:6a:4c:1a:
         6d:25:58:62:25:dd:0d:18:bc:7b:22:c6:04:1a:88:50:63:bd:
         f1:66:ba:73:68:6b:87:b7:6f:ec:76:05:50:47:46:5b:eb:de:
         a5:04:d0:c2:22:1c:ff:8c:41:62:95:ef:c9:ed:00:92:50:e8:
         88:b3:09:b0:e2:cc:ed:51:a0:ad:66:24:e8:bd:d7:67:93:96:
         1b:64:be:29:f4:23:8e:19:85:3c:7f:a4:93:81:91:76:d1:de:
         3b:21:29:e3:b1:e4:94:e0:31:30:49:3c:02:32:b6:00:34:17:
         06:d3:f6:d2:08:f9:28:d3:31:88:7a:b5:b3:b6:f6:f3:4d:67:
         79:3a:58:c0:96:d8:94:bb:c4:81:d5:31:27:1a:3d:dd:c6:82:
         ec:b5:75:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXezX2Qb95/eIvfhhnUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMTQxNTQyMTY4NWFjZTM2ODJmMTYxZDMxMGQ5MjcyNmNk
ZmIwOTcwHhcNMjYwMzI5MDcwMTA2WhcNMjYwMzMwMDcwMTA2WjAzMTEwLwYDVQQD
EyhmZGUwMDE0MTI5Y2FlMGFkN2Y5N2JjN2NhN2VmN2Y0NzI4MmYzY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAeAyie9Y4K3CCj0KzSkvR9nZnYo
521KnvbwP+c/9MXdEHmpvBioYi7TBUACDKRTNx7NE1oca306bOGgqL+Cq/vXZbJi
6+hEc2e647UEfVlQ28JG3j4sk6jar726ofroUE38/1RVpWyWfjfYhpOej+ZCb7nD
fS3aIN491yQw54yF131dAmaR3J4lLHuV4HWEcJxtX5GzI9mJQYG6E4Q2F3MDpbBy
oGrrd/dDCHKbRtOTjYoOKTlQs1FuIX1KfKfaQ7BFMsM8718qEZlsigNAxCrp8aEu
a+f62Hp8EzN/h2udxuJQQVZpk8aisIhjdyTOA6AH0x5mCICJvkkN496AXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP3gAUEpyuCtf5e8fKfvf0coLzy3MB8GA1UdIwQY
MBaAFDwUFUIWhazjaC8WHTENknJs37CXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9iODVjZGQtYmE0YS00NThlLWE3YTgt
MWUxMjI4MzhhMTExLzEvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9iODVjZGQtYmE0YS00NThlLWE3YTgtMWUxMjI4MzhhMTEx
LzEvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATsFngXPx
DICy0c0x30j493L/zHhhpTCZXmFNeFKHKQci3XSWh0nSGZy7lXH5dbII6S81BylJ
yfa2BMMb7vOw1tveYUkfEYIr4LoNlAe2FZHVDsvPy1CP/Q58llfDOrhfJl1HnuWO
0qpFakwabSVYYiXdDRi8eyLGBBqIUGO98Wa6c2hrh7dv7HYFUEdGW+vepQTQwiIc
/4xBYpXvye0AklDoiLMJsOLM7VGgrWYk6L3XZ5OWG2S+KfQjjhmFPH+kk4GRdtHe
OyEp47HklOAxMEk8AjK2ADQXBtP20gj5KNMxiHq1s7b2801neTpYwJbYlLvEgdUx
Jxo93caC7LV1OA==
-----END CERTIFICATE-----